CWE-601

GPTKB entity

Statements (19)
Predicate Object
gptkbp:instanceOf gptkb:Common_Weakness_Enumeration
gptkbp:category Security Weakness
gptkbp:cause Phishing
gptkbp:cause Malware Distribution
gptkbp:cause Credential Theft
gptkbp:describedBy gptkb:MITRE_CWE
gptkbp:example A web application that redirects users to a URL specified by a request parameter without validation
gptkbp:externalLink https://cwe.mitre.org/data/definitions/601.html
gptkbp:foundIn Web Applications
gptkbp:hasIdol 601
https://www.w3.org/2000/01/rdf-schema#label CWE-601
gptkbp:mitigatedBy Avoid using user input directly in redirect URLs
gptkbp:mitigatedBy Validate and sanitize all user-supplied input used for redirects
gptkbp:name URL Redirection to Untrusted Site ('Open Redirect')
gptkbp:partOf CWE Top 25 (varies by year)
gptkbp:relatedTo Open Redirect
gptkbp:status Active
gptkbp:bfsParent gptkb:CWE-352
gptkbp:bfsLayer 6